use CGI;
my $request = CGI->new;
if( $ENV{'REMOTE_USER'} eq "sutch" && $ENV{'REMOTE_PASSWD' } eq "myb4d" ) {
  # user is authenticated
  print $request->header;
  # return restricted web page here
} else {
  print $request->header( '-status' => '401 Authentication required', '-auth-type' => 'Basic', '-WWW-Authenticate' => 'Basic realm="My Restricted Area"' );
  # return failed authentication message here
}